There's been a potential leak of personally identifiable information from Instagram, but it's not clear yet whether the data on 49 million users came directly from the social media company. A database that was left online without password protection has since been taken down.
The Department of Homeland Security is warning that Chinese-made drones could be sending sensitive data back to their manufacturers, where it can be accessed by the government, according to news reports.
U.S. President Donald Trump on Wednesday signed a long-expected executive order that bans the purchase of telecommunication equipment from nations deemed to pose a spying risk. Also, Huawei was banned by the Commerce Department from buying U.S. components without obtaining a license first.
Equifax has reported a loss in its latest quarter due to ongoing incident response, legal, investigative and corporate information security overhaul costs resulting from its 2017 data breach. The credit reporting giant says that so far, it's spent $1.4 billion as a result of the massive breach.
An unsecured database belonging to Canadian mobile operator Freedom Mobile exposed personal details and unencrypted payment card data, according to two security researchers who discovered the data. The database has since been secured, with Freedom Mobile blaming the error on a third-party provider.
Canada's privacy commissioner says Facebook violated its privacy laws by failing to protect users' personal data. The commissioner plans to take Facebook to federal court for allegedly refusing to implement recommendations to strengthen its privacy framework.
Nearly one year after the EU's new privacy law came into effect, the U.K.'s National Cyber Security Agency continues to assist organizations that suffer cybersecurity attacks. Both NCSC and law enforcement agencies this week emphasized that they will never report breach victims to privacy watchdogs.
The latest edition of the ISMG Security Report describes how a Facebook Marketplace glitch created serious privacy issues. Plus: An update on the activities of the FBI's Recovery Asset Team and HSBC whistleblower Everett Stern's preview of keynote address at upcoming ISMG Fraud and Breach Summit in Chicago.
Facebook has set aside $3 billion from its first quarter profit to pay for what is likely to be a record-breaking fine from the U.S. Federal Trade Commission. But will mega-fines lead to the reform of tech giants' questionable privacy and security practices?
Google is facing questions from Congress about Sensorvault, its database that stores the geolocation data of millions of Android users, which has sometimes been shared with police as part of criminal investigations.
Facebook has fixed a security vulnerability in its digital marketplace that could have been abused to identify the precise location of a seller, and by extension, their goods. Police warn that thieves regularly trawl location data to find the owners and locations of high-value items.
"Move fast and break things," Facebook CEO Mark Zuckerberg once said of his company's internal motto. But regulators have been increasingly signaling to Facebook that when it comes to users' privacy and data security, too much remains broken.
A warning that a smartwatch marketed to parents for tracking and communicating with their children could be coopted by hackers leads the latest edition of the ISMG Security Report. It also reviews how a DNS hijacking campaign is hitting organizations and how "dark patterns" trick users.
From blockchains and surveillance to backdoors and GDPR, a group of leading cryptographers rounded up the top cybersecurity and privacy matters of the day at the cryptographers' panel held at the recent RSA Conference 2019 in San Francisco.
In the past, the relationship between cybersecurity and privacy has been uneasy and even ill-defined. But today, in the post-GDPR era, the relationship is clear, and so is the legal and compliance path forward, says David Ruiz of Malwarebytes.